Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

How do I remove Trojan:Win32/Alureon.gen!U?


  • Please log in to reply

#1
hakimishere

hakimishere

    New Member

  • Member
  • Pip
  • 1 posts
Hey.

I've been having this problem whereby Windows Defender prompts me that it has found the abovementioned trojan in my system. Everytime I click on remove, Windows Defender proceeds to prompt me to reboot my computer which I follow suit. However, the problem stills persists. I've read in other threads of people experiencing the same problems, so I have decided to start a new topic in the hopes of finding a solution. I have followed in the instructions given in the 'New Topic' guidelines and the results are as follows.

I've limited technical expertise in IT so I'm not really sure if the multitude of other problems I am facing are a result of the trojan above so I shall just go on and state the problems here. I'm currently running Windows Vista on an Acer Aspire 4920G. Intel Core 2 Duo processor T7500 (2.2GHz, 800 Mhz FSB, 4MB L2 Cache). 3GB DDR2 RAM. 250GB HDD. The problems I have been facing lately (I can't recall when I first encountered it unfortunately) are that every single time I open My Folder - the directory in which you find the Music, Picture, Documents, etc folders - Windows Explorer will simply stop running and restart. Afterwards, Windows's 'Problem Reports and Solutions' will appear suggesting some remedial steps to heed. I've tried all their suggestions and still the problem persists. Below is the chunk of text I see in the 'Problem Reports and Solutions' window. Anyway, I go about the problem by accessing Windows Explorer through My Computer and bypassing the My Folder screen by going straight to the folders within that folder using the side panel tabs. If this is in any way not related to the trojan, I suppose I'll take a one by one approach and solve the more pressing matter of the trojan first before starting a new thread to solve this problem.

The other problem, to be honest, I'm not too sure of the effect it has on my computer. Basically, a pop-up window not unlike that which tells you that Windows Explorer has stopped working, appears on the screen to tell me that 'Pure Networks Platform Service stopped working and was closed. A problem caused the application to stop working correctly. Windows will notify you if a solution is available'.

As I've said earlier I'm not too sure if these matters are in any way related to the trojan. I idea I get of trojans and their undoings involve taking up space thus slowing down the computer considerably but I am not too sure if they actually do screw up the computer by disabling its functions. I am actually resigned to reformatting my computer because I find that to be the panacea of all my computer woes. However, I stumbled across this site and decided to give it a try. Lastly, my sincerest apology if my explanations are long-winded or have included excessive amounts of unnecessary information.


Troubleshoot a problem with Power Cinema
Power Cinema has stopped working properly.

Power Cinema is a codec. The file name of this codec is CLDemuxer.ax.

To try to solve this problem, follow these steps. One step might solve the problem, but if it doesn't, then go on to the next step.

Click to go to the CyberLink Corp. website to check for and install CLDemuxer.ax updates

Use the regsvr32 command to unregister CLDemuxer.ax

If you don't know which program is causing this problem, you can remove CLDemuxer.ax from the list of installed codecs by unregistering it.

Warning
Disabling CLDemuxer.ax will cause any programs that depend on the codec to stop working or lose functionality.

Click the Start button , and then, in the Search box, type Command Prompt. From the list of results, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

At the command prompt, type regsvr32 /u CLDemuxer.ax, and then press ENTER. CLDemuxer.ax is now unregistered.
What should I do if the regsvr32 command fails or returns an error?

If the steps to disable the CLDemuxer.ax did not work, you can try renaming the file to disable it.

Click the Start button , and then, in the Search box, type CLDemuxer.ax.

In the list of search results, right-click CLDemuxer.ax, and then click Open file location.

Right click CLDemuxer.ax, and then click Rename.

Rename the file (for example, change the name to CLDemuxer.ax.old). Remember the file name so you can enable it later if you need to.

If these steps don't solve the problem and you continue to receive problem reports, please consider filling out the survey at the bottom of this page. To help us continue to investigate this error, include the names of the add-ons that are currently enabled in Internet Explorer in the comments area of the survey.

What is a codec?

A codec is software that is used to compress or decompress a digital media file, such as a song or video. Media players and other programs use codecs to play and create digital media files.



Malwarebytes' Anti-Malware 1.41
Database version: 3097
Windows 6.0.6002 Service Pack 2

4/11/2009 3:10:07 PM
mbam-log-2009-11-04 (15-09-58).txt

Scan type: Quick Scan
Objects scanned: 94546
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{d7ffd784-5276-42d1-887b-00267870a4c7} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\sysrun (Trojan.BHO) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/04 15:11
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x9656D000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x96562000 Size: 45056 File Visible: No Signed: -
Status: -

Name: monitor
Image Path: \Driver\monitor
Address: 0x987DC000 Size: 61440 File Visible: No Signed: -
Status: Hidden from the Windows API!

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xA8FD2000 Size: 49152 File Visible: No Signed: -
Status: -

Name: Windows Communication Founda
Image Path: mework\v3.0\Windows Communication Founda
Address: 0x9320F000 Size: 2026880 File Visible: No Signed: -
Status: Hidden from the Windows API!

Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

SSDT
-------------------
#: 013 Function Name: NtAlertResumeThread
Status: Hooked by "<unknown>" at address 0x89937068

#: 014 Function Name: NtAlertThread
Status: Hooked by "<unknown>" at address 0x89986358

#: 018 Function Name: NtAllocateVirtualMemory
Status: Hooked by "<unknown>" at address 0x8996a188

#: 021 Function Name: NtAlpcConnectPort
Status: Hooked by "<unknown>" at address 0x8916ab68

#: 042 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0x899cc850

#: 067 Function Name: NtCreateMutant
Status: Hooked by "<unknown>" at address 0x8996bf78

#: 077 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by "<unknown>" at address 0x8996b8c8

#: 078 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x899b9120

#: 116 Function Name: NtDebugActiveProcess
Status: Hooked by "<unknown>" at address 0x899a22b8

#: 129 Function Name: NtDuplicateObject
Status: Hooked by "<unknown>" at address 0x899cb3a8

#: 147 Function Name: NtFreeVirtualMemory
Status: Hooked by "<unknown>" at address 0x89966680

#: 156 Function Name: NtImpersonateAnonymousToken
Status: Hooked by "<unknown>" at address 0x89933718

#: 158 Function Name: NtImpersonateThread
Status: Hooked by "<unknown>" at address 0x89914068

#: 165 Function Name: NtLoadDriver
Status: Hooked by "<unknown>" at address 0x88dc8fd0

#: 177 Function Name: NtMapViewOfSection
Status: Hooked by "<unknown>" at address 0x899d19a0

#: 184 Function Name: NtOpenEvent
Status: Hooked by "<unknown>" at address 0x89907ec0

#: 194 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x899a0e00

#: 195 Function Name: NtOpenProcessToken
Status: Hooked by "<unknown>" at address 0x899194a8

#: 197 Function Name: NtOpenSection
Status: Hooked by "<unknown>" at address 0x89922110

#: 201 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x899cd9c8

#: 210 Function Name: NtProtectVirtualMemory
Status: Hooked by "<unknown>" at address 0x8996a958

#: 282 Function Name: NtResumeThread
Status: Hooked by "<unknown>" at address 0x89912268

#: 289 Function Name: NtSetContextThread
Status: Hooked by "<unknown>" at address 0x899c1108

#: 305 Function Name: NtSetInformationProcess
Status: Hooked by "<unknown>" at address 0x8996c9f8

#: 317 Function Name: NtSetSystemInformation
Status: Hooked by "<unknown>" at address 0x899a1068

#: 330 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x8991f108

#: 331 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x8997b120

#: 334 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x89934ad0

#: 335 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x89975068

#: 348 Function Name: NtUnmapViewOfSection
Status: Hooked by "<unknown>" at address 0x899357e0

#: 358 Function Name: NtWriteVirtualMemory
Status: Hooked by "<unknown>" at address 0x89966348

#: 382 Function Name: NtCreateThreadEx
Status: Hooked by "<unknown>" at address 0x8996b958

==EOF==



OTL logfile created on: 4/11/2009 3:13:40 PM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Users\hakim90\Downloads\Installers
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

2.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 84.21% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.05 Gb Total Space | 13.91 Gb Free Space | 12.64% Space Free | Partition Type: NTFS
Drive D: | 110.07 Gb Total Space | 9.12 Gb Free Space | 8.28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HAKIM
Current User Name: hakim90
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/11/04 14:52:59 | 00,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\hakim90\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/11/04 14:29:43 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\hakim90\Downloads\Installers\OTL.exe
PRC - [2009/11/04 14:29:43 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\hakim90\Downloads\Installers\OTL.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/22 15:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
PRC - [2009/08/22 15:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
PRC - [2009/07/31 15:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/31 15:23:15 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/01 14:35:54 | 00,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/04/11 14:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009/04/11 14:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009/04/11 14:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 14:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 14:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 14:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 14:27:20 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/03/08 19:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ielowutil.exe
PRC - [2009/01/16 03:25:48 | 00,729,088 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2009/01/16 03:25:48 | 00,729,088 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/10 04:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/16 17:26:20 | 00,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/16 16:54:34 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/06/26 20:52:42 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/05/30 16:53:48 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/01/19 15:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 15:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008/01/19 15:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/12/18 03:02:28 | 04,718,592 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/11 02:23:02 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/12/06 17:25:58 | 00,458,752 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/10/31 10:45:48 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/10/20 08:15:50 | 00,842,248 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007/09/11 07:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/09/08 03:56:32 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/09/08 03:35:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/09/07 04:02:04 | 00,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/06/14 08:54:36 | 00,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/06/12 06:54:58 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/06/02 02:52:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007/06/02 02:52:10 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007/05/25 05:38:22 | 00,206,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2007/04/26 08:34:30 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/04/26 08:33:36 | 00,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007/04/26 02:35:56 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007/03/22 04:00:04 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/22 04:00:00 | 00,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/15 02:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/02/13 07:43:44 | 00,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
PRC - [2007/01/24 13:48:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007/01/20 11:51:16 | 00,711,472 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/01/18 02:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/11/25 04:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006/10/06 02:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe


========== Modules (SafeList) ==========

MOD - [2009/11/04 14:29:43 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\hakim90\Downloads\Installers\OTL.exe
MOD - [2009/04/11 14:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/10/31 15:58:06 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/25 09:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/22 15:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/01 14:35:54 | 00,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/03/30 12:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/27 19:15:40 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/19 02:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/19 02:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/02/19 02:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/01/16 03:25:48 | 00,729,088 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/10 04:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/16 17:26:20 | 00,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 16:54:34 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/06/26 20:52:42 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/05/30 16:53:48 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)
SRV - [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/19 15:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 15:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/19 15:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2007/12/11 02:23:02 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/10/31 10:45:48 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/09/11 07:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/06/14 08:54:36 | 00,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/04/26 08:34:30 | 00,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/03/22 04:00:04 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/03/15 02:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/02/13 07:43:44 | 00,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe -- (o2flash)
SRV - [2007/02/05 10:11:18 | 00,075,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 00,112,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/24 13:48:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo)
SRV - [2007/01/18 02:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/12/14 02:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/25 04:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006/11/02 20:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 20:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/27 05:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/06 02:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.sg.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.sg.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://sg.rd.yahoo.c...://sg.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 119.62.128.38:80

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Dictionary.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:2.7.6.0623
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.2
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.3
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.5.35
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.2.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: [email protected]:0.9948
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.2.13
FF - prefs.js..extensions.enabledItems: {274938F0-9E0B-11DE-A714-53A955D89593}:0.9.17
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..extensions.enabledItems: {66871bd1-5ba2-4739-b485-2a15f5969bd8}:2.090608
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.69
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.5.0
FF - prefs.js..extensions.enabledItems: {285da7e0-729d-11db-9fe1-0800200c9a66}:2.121408
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.75
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.51
FF - prefs.js..network.proxy.autoconfig_url: "http://www.damaisec.moe.edu.sg/"

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/14 23:45:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/29 12:23:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/29 12:23:49 | 00,000,000 | ---D | M]

[2009/06/12 07:38:53 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Extensions
[2008/09/10 23:03:16 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/12 07:38:53 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/11/04 13:15:29 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions
[2009/07/04 13:39:04 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/10/31 16:42:41 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/10/31 16:42:29 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2009/08/15 00:49:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{274938F0-9E0B-11DE-A714-53A955D89593}
[2009/01/30 00:03:46 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2009/07/24 20:17:20 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2009/08/21 22:37:40 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/09/26 03:29:44 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2008/10/17 20:52:15 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/06/11 16:41:44 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2009/10/22 00:41:46 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2008/10/17 20:52:16 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2009/09/26 03:30:04 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009/03/27 17:21:59 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2009/07/11 13:25:58 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/26 03:29:54 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2009/06/11 17:30:42 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/01/30 00:04:00 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/08/31 10:30:29 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/11/04 13:15:20 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/07/24 20:17:22 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/10/27 01:36:25 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/10/22 00:41:48 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2008/11/22 00:00:25 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/10/24 23:42:37 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]
[2009/01/30 00:04:00 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\extensions\[email protected]\chrome
[2008/09/13 16:34:29 | 00,002,207 | ---- | M] () -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\searchplugins\askcom.xml
[2009/10/30 12:42:40 | 00,001,148 | ---- | M] () -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\searchplugins\dictionarycom.xml
[2008/09/13 16:34:30 | 00,004,372 | ---- | M] () -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\searchplugins\espn.xml
[2008/09/13 16:34:40 | 00,001,155 | ---- | M] () -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\searchplugins\hollywoodcom.xml
[2008/09/10 23:15:17 | 00,001,504 | ---- | M] () -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\searchplugins\imdb.xml
[2008/09/13 16:35:31 | 00,001,224 | ---- | M] () -- C:\Users\hakim90\AppData\Roaming\Mozilla\Firefox\Profiles\q6o9xeko.default\searchplugins\yahoo-answers.xml
[2009/11/04 14:51:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/29 12:23:49 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/12/08 21:04:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/01/29 21:38:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/04/20 22:38:57 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/07/10 21:23:10 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/16 00:37:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/16 20:53:30 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/21 18:56:13 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/21 07:31:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2008/09/10 23:03:10 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/10/29 12:23:39 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/29 12:23:39 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/05/02 05:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2008/01/23 13:48:42 | 00,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009/07/31 15:23:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/05/13 02:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/09/26 00:41:34 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009/10/29 12:23:40 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2008/10/14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2008/09/23 23:44:10 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/09/12 12:18:45 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/12 12:18:45 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/12 12:18:45 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/12 12:18:46 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/12 12:18:46 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/12 12:18:46 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/12 12:18:46 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2008/09/23 23:44:20 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2008/09/23 23:44:05 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/05/02 05:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009/08/20 22:39:13 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/08/20 22:39:13 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/20 22:39:13 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/08/20 22:39:13 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/20 22:39:13 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/08/20 22:39:13 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/20 22:39:13 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/20 22:39:13 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (335252 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11489 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SingTel_McciTrayApp] C:\Program Files\SingTel\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [singtelRV_McciTrayApp] C:\Program Files\SmartFix\McciTrayApp.exe File not found
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Updater] C:\Windows\System32\updater\explorer.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [odqoq] C:\Users\hakim90\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQ5H0A1W\uyxjrqf.exe File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} http://webeffective....torLauncher.cab (Keynote Connector Launcher 2)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F} http://www.cyberlink...LVistaGenie.cab (CLVistaGenie Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopet...v/GoPetsWeb.cab (GoPetsWeb Control)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 05:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/06/29 12:36:34 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/11/04 15:03:23 | 00,000,000 | ---D | C] -- C:\Users\hakim90\AppData\Roaming\Malwarebytes
[2009/11/04 15:03:13 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/11/04 15:03:11 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/04 15:03:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/04 15:03:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/04 15:03:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/04 15:01:57 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/11/04 15:01:29 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/11/04 14:14:53 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/11/04 05:08:25 | 00,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2009/11/04 05:08:25 | 00,000,000 | ---D | C] -- C:\Users\hakim90\AppData\Local\TVU Networks
[2009/11/04 05:08:25 | 00,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2009/11/04 05:07:52 | 00,000,000 | ---D | C] -- C:\Program Files\TVUPlayer
[2009/10/30 20:20:54 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/10/30 20:20:52 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/30 13:21:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2009/10/30 13:21:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2009/10/29 15:24:21 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2009/10/29 15:24:21 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2009/10/27 15:24:10 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2009/10/27 15:24:10 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2008/03/04 08:37:19 | 00,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2008/03/04 08:37:18 | 00,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/03/04 08:37:18 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007/08/15 19:48:13 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 14 Days ==========

[2009/11/04 15:13:37 | 09,699,328 | -HS- | M] () -- C:\Users\hakim90\NTUSER.DAT
[2009/11/04 15:13:05 | 00,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F20AEC38-538E-4DEF-B83B-DA90B76304D0}.job
[2009/11/04 15:00:37 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/04 15:00:37 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/04 15:00:37 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/04 14:57:51 | 00,022,016 | ---- | M] () -- C:\Windows\System32\tdlwsp.dll
[2009/11/04 14:57:12 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/11/04 14:51:17 | 00,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009/11/04 14:51:14 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/04 14:51:14 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/04 14:51:13 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/04 14:50:45 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/04 14:50:01 | 32,195,78880 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/04 14:46:11 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/11/04 14:46:10 | 00,524,288 | -HS- | M] () -- C:\Users\hakim90\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009/11/04 14:46:10 | 00,065,536 | -HS- | M] () -- C:\Users\hakim90\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009/11/04 14:14:31 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/04 14:13:15 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/11/04 14:13:00 | 02,940,680 | -H-- | M] () -- C:\Users\hakim90\AppData\Local\IconCache.db
[2009/11/04 14:04:47 | 00,041,258 | ---- | M] () -- C:\Users\hakim90\Desktop\HELP.docx
[2009/11/04 05:08:01 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\TVUPlayer.lnk
[2009/11/03 15:32:11 | 00,115,712 | ---- | M] () -- C:\Users\hakim90\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 23:33:00 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/10/30 20:21:56 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/10/30 14:55:11 | 00,001,586 | ---- | M] () -- C:\Users\hakim90\Desktop\Football Manager 2010.lnk
[2009/10/27 15:50:04 | 00,011,603 | ---- | M] () -- C:\Users\hakim90\Desktop\doc11.docx
[2009/10/26 17:34:38 | 00,024,175 | ---- | M] () -- C:\Users\hakim90\Desktop\To-Read List.docx
[2009/10/26 12:48:53 | 00,019,553 | ---- | M] () -- C:\Users\hakim90\Desktop\Ice Cream Places.docx
[2009/10/25 17:01:46 | 00,012,836 | ---- | M] () -- C:\Users\hakim90\Desktop\17Again-Dedication-RockNRolla-ILoveYouMan.docx

========== Files Created - No Company Name ==========

[2009/11/04 14:14:31 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/04 14:13:15 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/11/04 14:04:46 | 00,041,258 | ---- | C] () -- C:\Users\hakim90\Desktop\HELP.docx
[2009/11/04 05:08:00 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\TVUPlayer.lnk
[2009/11/03 09:17:19 | 00,022,016 | ---- | C] () -- C:\Windows\System32\tdlwsp.dll
[2009/10/30 20:21:56 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/10/30 14:55:11 | 00,001,586 | ---- | C] () -- C:\Users\hakim90\Desktop\Football Manager 2010.lnk
[2009/10/26 17:34:38 | 00,024,175 | ---- | C] () -- C:\Users\hakim90\Desktop\To-Read List.docx
[2009/10/25 17:01:45 | 00,012,836 | ---- | C] () -- C:\Users\hakim90\Desktop\17Again-Dedication-RockNRolla-ILoveYouMan.docx
[2009/08/15 13:30:56 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/15 13:30:03 | 00,019,944 | ---- | C] () -- C:\Windows\System32\drivers\atapi.sys
[2009/07/09 13:30:50 | 02,940,680 | -H-- | C] () -- C:\Users\hakim90\AppData\Local\IconCache.db
[2009/06/19 22:54:55 | 00,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/01/16 03:27:26 | 00,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2008/12/08 21:14:02 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/12/01 11:20:13 | 01,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
[2008/12/01 11:20:12 | 00,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
[2008/12/01 11:20:12 | 00,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
[2008/12/01 11:20:12 | 00,000,131 | ---- | C] () -- C:\Windows\PidList.ini
[2008/09/16 08:14:24 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/09/16 08:12:02 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/06/27 18:06:10 | 00,023,888 | ---- | C] () -- C:\Users\hakim90\AppData\Roaming\UserTile.png
[2008/06/13 23:08:52 | 00,000,025 | ---- | C] () -- C:\Windows\CDE CX3900EC.ini
[2008/05/01 19:43:29 | 00,000,680 | ---- | C] () -- C:\Users\hakim90\AppData\Local\d3d9caps.dat
[2008/03/22 01:33:42 | 00,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2008/03/10 21:41:37 | 00,115,712 | ---- | C] () -- C:\Users\hakim90\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/10 17:17:53 | 00,071,032 | ---- | C] () -- C:\Users\hakim90\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/03/04 09:23:21 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/03/04 09:22:57 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/03/04 09:12:27 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/04 09:07:56 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/03/04 08:37:19 | 01,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/03/04 08:37:18 | 00,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2007/08/15 23:57:41 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/08/15 19:48:11 | 00,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/08/15 19:17:51 | 00,000,796 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/08/14 19:11:08 | 00,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2007/08/14 19:11:08 | 00,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2007/08/14 19:11:08 | 00,000,042 | ---- | C] () -- C:\Windows\PreLaunch.ini
[2007/04/26 08:33:22 | 00,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/26 08:32:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/26 08:32:46 | 00,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/26 08:31:00 | 00,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/26 08:30:52 | 00,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/04/26 08:30:44 | 00,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2007/01/20 11:11:16 | 00,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/12/26 07:44:48 | 00,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/02 20:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 20:37:35 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 20:37:35 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 20:37:35 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 20:37:35 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 20:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 18:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 18:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 15:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/27 06:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/15 04:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/04 13:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 06:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 12:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2008/03/10 17:19:17 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Acer
[2008/03/10 17:18:45 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\ATI
[2009/08/09 11:59:18 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\ImTOO Software Studio
[2008/07/03 22:47:55 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Keynote Systems
[2009/09/13 22:01:06 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Leadertech
[2008/05/10 02:50:29 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\LegalSounds
[2009/11/02 00:26:42 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\LimeWire
[2008/06/27 18:06:10 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\PeerNetworking
[2009/08/09 01:06:25 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Regensoft
[2008/03/10 20:24:03 | 00,000,000 | RH-D | M] -- C:\Users\hakim90\AppData\Roaming\SecuROM
[2008/07/28 22:28:08 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Sony
[2009/10/30 15:27:36 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Sports Interactive
[2009/02/01 13:23:44 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Stardock
[2008/05/17 18:52:38 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\TigerPlayer
[2009/09/19 00:14:01 | 00,000,000 | ---D | M] -- C:\Users\hakim90\AppData\Roaming\Uniblue
[2009/10/31 23:33:00 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/11/04 14:51:13 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/11/04 14:46:11 | 00,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/11/04 15:13:05 | 00,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F20AEC38-538E-4DEF-B83B-DA90B76304D0}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2005/08/17 00:49:12 | 00,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\junction.exe

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009/04/11 14:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2006/11/02 17:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2008/01/19 15:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 14:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009/04/11 14:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2006/11/02 17:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 15:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2009/04/11 14:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2006/11/02 17:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 17:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2007/03/22 03:58:56 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007/03/22 03:59:30 | 00,381,720 | ---- | M] (Intel Corporation) MD5=9D7ED4275702E2FC409F2CC563245740 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007/03/22 03:58:56 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys
[2007/03/22 03:58:56 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2006/11/02 17:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/19 15:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2006/11/02 17:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 15:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009/04/11 14:32:26 | 00,019,944 | ---- | M] () MD5 -- C:\Windows\System32\drivers\atapi.sys
[2007/08/14 19:34:04 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2008/03/10 19:02:32 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/03/10 19:02:33 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009/04/11 14:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2006/11/02 17:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/19 15:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/03/10 19:02:33 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2007/08/14 19:34:04 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2008/03/10 19:02:32 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2008/01/19 15:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2009/04/11 14:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2006/11/02 17:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/19 15:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2007/08/14 19:33:04 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2006/11/02 17:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2008/01/19 15:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2007/08/14 19:33:04 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007/08/14 19:33:04 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2008/01/19 15:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 15:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
< End of report >




OTL Extras logfile created on: 4/11/2009 3:13:40 PM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Users\hakim90\Downloads\Installers
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

2.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 84.21% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.05 Gb Total Space | 13.91 Gb Free Space | 12.64% Space Free | Partition Type: NTFS
Drive D: | 110.07 Gb Total Space | 9.12 Gb Free Space | 8.28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HAKIM
Current User Name: hakim90
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu -- (Acer Inc.)
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption -- (HiTRUST)
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption -- (HiTRUST)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F6EA5F-ADD5-432B-9376-408B6AB031DD}" = lport=10452 | protocol=17 | dir=in | name=bitcometbeta 10452 udp |
"{18876D0E-4046-440F-B240-E226BF7C171C}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{19138E09-DC06-4EDC-A7C1-E1F456B049C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{3EC37E15-118D-449B-92B9-318478BBC462}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{46738D04-EADA-4B81-8843-ED7D22061BA4}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{5891E152-9C1D-4997-8FE3-E96D85AC6338}" = lport=80 | protocol=6 | dir=in | app=system |
"{7A49FC4B-21F8-4EE8-8A1B-4F40315F13DB}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{916D5D9C-A67E-46DB-BB68-B4360D1F366D}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{987DD0DC-7CEA-4911-A03F-45C61044E480}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{AF16CD06-860F-49E5-BA7A-8F2BD6981F45}" = lport=10452 | protocol=6 | dir=in | name=bitcometbeta 10452 tcp |
"{BF866CE4-A446-4049-9446-F9346B7A075E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CC112697-8EDD-492C-A43E-0379E9BBDCCF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{E49BD948-D5E1-4598-B50D-09C0A445C6AE}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C1F403-50C7-46B3-8D83-8FA86109B0D1}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{09F6CCB3-027B-4638-92F6-7C14D1E49842}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{122E4E6E-4708-4E94-80E0-D130A1B10A20}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{1E49D19C-67F1-47BC-823E-E12FE32836D8}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{26EF555F-EDE4-4F42-A320-01859BAFA8E6}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{28D86DC1-C46F-4262-AE37-956557712AD4}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{2917BCD6-6AEE-49A3-BEF0-9C424972AAB3}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{31DB8DEA-3E48-4869-9DFA-725B47B5323A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{3478B315-FF4F-40B5-BF02-12A3C50E72A5}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{38EC29A3-D3F7-4DD1-849C-5E338FB1AECB}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{40923515-51B0-4C71-B5E2-E29FE836E1E0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4A86BE85-6206-42C2-A030-FBF582449477}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{4C336CB7-1948-47BE-816D-D5AAB0DBF0C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4D128081-4747-42E2-B5BA-CF186F8DF27D}" = protocol=6 | dir=in | app=c:\valve\steam\steamapps\common\football manager 2010\fm.exe |
"{5229EDD7-63BA-459E-9D6F-456BEB2F2A76}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{543895F4-962A-4F8A-8788-38E6AAECC677}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5AF5BBBE-EBE2-419B-80F6-B1B7CBF62622}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{6724C5BB-3C93-4FE8-A26E-759BCCBD97D1}" = protocol=17 | dir=in | app=c:\program files\stardock games\the political machine 2008 express\polmachine2008express.exe |
"{684BCE73-5709-4D33-B6FE-E8A63DB03E78}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{75B11620-1DB2-4034-811F-2B955530E80F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7A17D011-219D-443E-B019-2E478AA22870}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{7F4A5270-8496-4B85-B4B5-23191342138F}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{87D0F04E-9698-4D8A-80B1-D8F38994E9EC}" = protocol=6 | dir=in | app=c:\program files\stardock games\the political machine 2008 express\polmachine2008express.exe |
"{88162416-9E03-4274-BA6A-35787175EF1F}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{89A8C285-628E-464D-8826-E2A09C4C2C0F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{989A5537-D0CB-4DD3-A64E-D06C883A55F9}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{9F9FD877-8519-4B89-B3E3-FD126639BE4E}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{AAE534F9-E429-4DDA-95F5-30DD94239DAB}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{AD65D01C-1684-469C-9551-30BD5D9330CD}" = protocol=17 | dir=in | app=c:\valve\steam\steamapps\common\football manager 2010\fm.exe |
"{B1EC2C2B-D4B4-47AD-93FF-BE7E7F31572A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9094160-8ADD-438E-95D9-C5061E710215}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{BD455429-F564-4216-AB84-F9C6294F24EC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C6F14C71-96D2-49A6-8C8E-96B850E91CFB}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2009\fm.exe |
"{C870919F-514E-42C4-92E5-8C3A04981F69}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{CF428810-4CC9-429B-B2CC-6FE05973D530}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D739CB6D-B2FA-47E2-9E3D-C2039E31A5E3}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{D78C3461-9837-4842-A04A-113A35F4B52D}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2009\fm.exe |
"{DFB55317-9717-4FDF-9444-948E7407B5B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EE2F0E78-CC53-49BF-984E-F0D98B924B0A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{12BFD1EF-784F-4159-B5C7-46C0C3C693F8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{33C436B9-1989-4D37-A746-53A90276835E}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{434A45BC-01E5-4D49-9031-087448BFC1BA}C:\valve\steam\steamapps\hakim90\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\valve\steam\steamapps\hakim90\condition zero\hl.exe |
"TCP Query User{53E88864-4D48-485D-A2EA-6A38BBEE8330}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5587F612-BCB8-49D8-8BE5-FD52BD38195E}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{7479B78F-25B0-4562-8288-6A9F5A1E3F11}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{959BF752-C239-4872-868A-0C83EA40A100}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{DA2476D6-A9DB-455C-9358-15757DB09575}C:\valve\steam\steamapps\hakim90\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\valve\steam\steamapps\hakim90\counter-strike\hl.exe |
"TCP Query User{FC77A57A-C5CC-4C03-8E84-FA114208B11C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{43C5DA66-E867-4D19-A658-BCC588C5B1CB}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{6B6364F0-CDD5-40D6-B35B-6C0743DFA91D}C:\valve\steam\steamapps\hakim90\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\valve\steam\steamapps\hakim90\condition zero\hl.exe |
"UDP Query User{786BBA39-2A61-48A4-B6C1-20FFB7E4539A}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{8F9B569A-D5E2-49EE-ACEC-6572579FCA55}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{931902FE-DB8C-4559-A138-8579725BF09E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{956B41A1-3B38-4E17-A55E-0FA39C0CA0D4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{AAB747CA-98F7-4DD7-80E4-2F696D0E1B4C}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{AFD00DF1-71EF-4871-95DA-C0FBF7822AF8}C:\valve\steam\steamapps\hakim90\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\valve\steam\steamapps\hakim90\counter-strike\hl.exe |
"UDP Query User{F575FC94-8D4F-4D12-983A-BB01DCC4C7EE}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0096A731-71DB-4969-AF1A-651698B246A5}" = Sony Ericsson Media Manager 1.1
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{120D9280-C7A0-F52B-0F0C-8F1DE9ACEAEE}" = Catalyst Control Center Localization Korean
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15112D8C-D377-D1F9-3701-90E9CF9EC65B}" = Catalyst Control Center Localization Japanese
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{163B1CF0-6C0C-D558-341E-BA1DE37F9FA1}" = Catalyst Control Center Localization Danish
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D08187-7192-A65D-4ABA-BB09BF315E4F}" = Catalyst Control Center Core Implementation
"{226EF265-A4E4-4E10-BAA9-9C5D89F6EAF9}" = Catalyst Control Center Localization Turkish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"{238BA203-497D-16EA-8495-A42A37A1D1DC}" = Catalyst Control Center Localization Russian
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 16
"{284BD984-6E5C-4586-80A8-14D85E233497}" = Linksys EasyLink Advisor
"{2D72ACF2-C3A9-A980-FB98-0062C1F4AABF}" = Catalyst Control Center Localization Chinese Standard
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34ED728D-ECE5-4A0D-9963-B54B318D0932}" = ccc-Branding
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel® PROSet/Wireless WiFi Software
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4971AB6A-D3AF-4227-51BD-0165C56F35F6}" = Catalyst Control Center Localization Dutch
"{4EB4978B-F18F-A9BF-114D-275F675CD9E7}" = Catalyst Control Center Localization Polish
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A44BF79-7923-E7D4-C8A6-F93F81EF48B9}" = Catalyst Control Center Localization Finnish
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5DCE4F2F-427B-F3DA-AF1E-34FBFCF779ED}" = ccc-core-static
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62F596B9-0DF7-AD7B-2D66-E6DC4BFB94C1}" = Catalyst Control Center Localization French
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64B3A619-65FF-6AF5-ABF8-D7D17E20D8A1}" = Catalyst Control Center Localization German
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7616F372-AFF8-355C-582D-6EA9BE9445CF}" = Catalyst Control Center Graphics Light
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78764173-3805-4916-B3CE-B433702B8870}" = O2Micro Flash Memory Card Reader Driver Installer(x86)
"{79B92639-4B90-CD61-6CB3-72C1977D7256}" = Catalyst Control Center Localization Portuguese
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B8CFD39-A3EA-7469-344A-35715AA9DB10}" = Catalyst Control Center Localization Spanish
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}" = Big Kahuna Reef 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111730193}" = Star Defender 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = Mystery Case Files Ravenhearst
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{88637F72-B46E-43F9-B306-6DA1FF478D51}" = WIDCOMM Bluetooth Software 6.0.1.3900
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99C2CE24-18E1-5779-642B-ED28AFBE912E}" = Catalyst Control Center Localization Thai
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AAA58088-CBEE-466C-F225-E6DC91A9A067}" = Catalyst Control Center Localization Norwegian
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.5
"{AC76BA86-7AD7-1033-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B1286E7E-AAAF-955C-1C72-60C5EF8F5F2D}" = Catalyst Control Center Localization Italian
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4A0EFC6-0933-6AE9-8EE0-7D6C5D5E28A8}" = Catalyst Control Center Localization Swedish
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8DC25AB-AEF8-264E-072D-62EB71D331B6}" = Catalyst Control Center Localization Hungarian
"{BDFD03D4-CA66-36B1-41DE-F10059E248C4}" = Catalyst Control Center Localization Greek
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C9507D0D-1A9C-486E-91D6-33A71CCA55F2}" = Pure Networks Platform
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D273D5F0-5868-358A-F5EE-77565BD6AAD4}" = Catalyst Control Center Localization Chinese Traditional
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F79E42D0-C1F2-C461-5E1A-3A169E25F2C2}" = ccc-utility
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FF9E6D14-CD96-B086-BF2B-1E5DE6A7780F}" = Catalyst Control Center Localization Czech
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AviSynth" = AviSynth 2.5
"BitComet" = BitComet 1.15
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EPSON Printer and Utilities" = EPSON Printer Software
"ERUNT_is1" = ERUNT 1.1j
"Free iPod Video Converter_is1" = Free iPod Video Converter 1.34
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"InstallShield_{284BD984-6E5C-4586-80A8-14D85E233497}" = Linksys EasyLink Advisor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"KeynoteConnector" = Keynote Connector
"LegalSounds Music Downloader_is1" = LegalSounds Music Downloader 1.4
"LimeWire" = LimeWire PRO 5.1.2
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
"MpcStar" = MpcStar 2.9
"NIS" = Norton Internet Security
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"ProInst" = Intel PROSet Wireless
"RealPlayer 6.0" = RealPlayer
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ShotOnline International" = ShotOnline International
"SmartFix" = SmartFix
"Steam" = Steam
"Steam App 10" = Counter-Strike
"Steam App 100" = Condition Zero Deleted Scenes
"Steam App 34000" = Football Manager 2010
"Steam App 80" = Condition Zero
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVUPlayer" = TVUPlayer 2.4.9.1
"Update Service" = Update Service
"VLC media player" = VLC media player 1.0.2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Software Update" = Yahoo! Software Update
"YouTube Downloader App" = YouTube Downloader App 1.03

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14/1/2009 11:30:58 AM | Computer Name = Hakim | Source = EventSystem | ID = 4621
Description =

Error - 15/1/2009 6:25:58 AM | Computer Name = Hakim | Source = RasClient | ID = 20227
Description =

Error - 15/1/2009 6:26:19 AM | Computer Name = Hakim | Source = RasClient | ID = 20227
Description =

Error - 15/1/2009 2:30:29 PM | Computer Name = Hakim | Source = EventSystem | ID = 4621
Description =

Error - 20/1/2009 4:10:29 AM | Computer Name = Hakim | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.0.3257 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: ac4 Start Time: 01c97ad5e6a217fc Termination Time: 9

Error - 22/1/2009 7:29:12 AM | Computer Name = Hakim | Source = EventSystem | ID = 4621
Description =

Error - 23/1/2009 12:07:45 PM | Computer Name = Hakim | Source = EventSystem | ID = 4621
Description =

Error - 26/1/2009 5:18:43 AM | Computer Name = Hakim | Source = RasClient | ID = 20227
Description =

Error - 26/1/2009 5:27:58 AM | Computer Name = Hakim | Source = RasClient | ID = 20227
Description =

Error - 26/1/2009 9:11:43 AM | Computer Name = Hakim | Source = Application Error | ID = 1000
Description = Faulting application msnmsgr.exe, version 8.5.1302.1018, time stamp
0x4717a53b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x28e05950, process id 0x13cc, application start time
0x01c97f93666cf87c.

[ System Events ]
Error - 4/11/2009 2:44:38 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7031
Description =

Error - 4/11/2009 2:44:38 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7031
Description =

Error - 4/11/2009 2:44:38 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7034
Description =

Error - 4/11/2009 2:44:38 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7034
Description =

Error - 4/11/2009 2:44:38 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7031
Description =

Error - 4/11/2009 2:44:38 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7034
Description =

Error - 4/11/2009 2:44:39 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7031
Description =

Error - 4/11/2009 2:44:39 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7034
Description =

Error - 4/11/2009 2:44:39 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7034
Description =

Error - 4/11/2009 2:51:33 AM | Computer Name = Hakim | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP